Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
File: fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa (raw, json)
Hash identifier: RvCv8pyMMWN1VwKbbTCXtdoYobjK35yI3z7m8FYa6Dc=
Subject key identifier: 85:3D:49:4C:CE:01:25:50:8C:7A:20:57:70:18:60:2D:52:4F:32:6A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 685B568A9B492BB6CB9E54DC2A318462FFC09D2A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 57.95.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Dec 2024 15:18:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:5b:56:8a:9b:49:2b:b6:cb:9e:54:dc:2a:31:84:62:ff:c0:9d:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=791343e951c4c19d352169e35fa45db18870740b343e6b28c0a6e75f8a3bb10f, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:51:8c:db:c0:9f:6e:0a:78:b7:33:e9:8d:44:
34:02:d9:f3:f5:b0:91:a5:e1:71:42:cc:50:35:67:
0d:c7:f6:12:9e:10:aa:12:57:f6:68:d1:67:21:3e:
38:5c:5e:4a:02:d5:39:a1:44:43:16:ba:4e:37:35:
a9:7d:23:52:c9:3c:e3:5d:38:17:11:63:07:6f:d4:
f9:62:98:3c:a1:6f:0d:d0:5a:79:9a:4b:d1:4c:bd:
f1:57:5f:70:05:41:ee:05:a6:af:b3:56:a4:50:52:
bc:3b:15:d5:48:de:ce:a9:d7:1e:f9:d2:8c:cb:be:
7e:f3:f6:d1:4b:2a:11:d1:c3:a1:f4:dc:0a:1b:7f:
e7:91:44:40:66:8f:49:b7:87:bc:4e:c7:2e:c8:2f:
0b:5f:9c:7c:27:a4:7e:ea:3f:83:80:e4:ef:57:2d:
b3:90:99:e0:a8:4e:77:24:ea:71:54:a0:68:a9:47:
ef:4e:28:f1:39:a6:15:39:dd:e1:4e:c2:f5:d4:77:
ab:ba:36:0c:a7:f3:28:cb:47:48:0e:87:01:47:7d:
70:de:55:4f:e5:e7:6b:b9:9a:13:d5:ba:cb:4e:20:
67:fc:fc:cb:d6:b2:00:11:1c:a3:27:7a:a7:78:27:
bc:c5:4e:91:35:2a:4c:6e:43:8b:59:40:1e:52:a7:
f5:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3D:49:4C:CE:01:25:50:8C:7A:20:57:70:18:60:2D:52:4F:32:6A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/fbc260fc-826d-4d13-a20a-3df2ec95cf1a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.95.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2a:d1:5b:d7:d7:a0:44:fe:2e:4e:fe:aa:a4:b5:f5:ef:69:90:
ca:48:c5:71:5e:a6:b9:c2:8d:ac:97:27:7a:44:30:be:2f:d8:
a6:73:6b:e5:f5:79:dd:b1:6c:cd:9a:11:95:44:11:12:0a:2a:
5b:d7:0f:16:bc:fa:50:de:f4:e9:b2:d7:ca:a4:69:ef:ec:12:
ef:ce:b0:9a:c0:c1:c7:ef:42:91:4e:75:4a:c8:13:be:70:b4:
72:8c:db:88:fe:52:c7:51:2b:69:f8:00:29:a4:ea:ae:33:70:
0c:f1:8a:42:f0:62:07:2f:3c:14:dc:77:24:60:f6:73:f0:8e:
8d:fe:02:6d:24:64:46:53:e5:7f:35:52:5c:e3:65:bd:45:65:
69:20:54:92:47:18:25:41:ee:af:92:32:df:d7:4e:08:a3:05:
e4:6c:ad:f9:f3:48:29:cc:47:6f:37:01:2e:c9:77:f7:77:54:
d4:8e:b6:b1:4f:2e:89:72:3d:dc:d4:62:89:b1:61:6f:26:ac:
6a:4e:56:2e:a5:ba:fc:26:1d:ec:e9:47:52:7e:6a:04:c9:06:
b9:bf:0f:ec:5c:c6:aa:01:dd:5a:5a:2b:8f:63:fe:ab:72:c4:
9c:3e:99:e2:cf:0a:12:6e:c1:63:12:19:7b:b8:0b:18:13:95:
9f:18:cc:94
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaFtWiptJK7bLnlTcKjGEYv/AnSowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDc5MTM0M2U5NTFjNGMxOWQzNTIxNjllMzVmYTQ1ZGIxODg3MDc0MGIzNDNl
NmIyOGMwYTZlNzVmOGEzYmIxMGYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlRjNvAn24KeLcz6Y1ENALZ8/WwkaXhcULMUDVnDcf2Ep4QqhJX9mjRZyE+
OFxeSgLVOaFEQxa6Tjc1qX0jUsk84104FxFjB2/U+WKYPKFvDdBaeZpL0Uy98Vdf
cAVB7gWmr7NWpFBSvDsV1UjezqnXHvnSjMu+fvP20UsqEdHDofTcCht/55FEQGaP
SbeHvE7HLsgvC1+cfCekfuo/g4Dk71cts5CZ4KhOdyTqcVSgaKlH704o8TmmFTnd
4U7C9dR3q7o2DKfzKMtHSA6HAUd9cN5VT+Xna7maE9W6y04gZ/z8y9ayABEcoyd6
p3gnvMVOkTUqTG5Di1lAHlKn9VUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSFPUlM
zgElUIx6IFdwGGAtUk8yajAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZmJjMjYwZmMtODI2ZC00ZDEzLWEyMGEtM2RmMmVjOTVjZjFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADlfMA0G
CSqGSIb3DQEBCwUAA4IBAQAq0VvX16BE/i5O/qqktfXvaZDKSMVxXqa5wo2slyd6
RDC+L9imc2vl9XndsWzNmhGVRBESCipb1w8WvPpQ3vTpstfKpGnv7BLvzrCawMHH
70KRTnVKyBO+cLRyjNuI/lLHUStp+AAppOquM3AM8YpC8GIHLzwU3HckYPZz8I6N
/gJtJGRGU+V/NVJc42W9RWVpIFSSRxglQe6vkjLf104IowXkbK3580gpzEdvNwEu
yXf3d1TUjraxTy6Jcj3c1GKJsWFvJqxqTlYupbr8Jh3s6UdSfmoEyQa5vw/sXMaq
Ad1aWiuPY/6rcsScPpnizwoSbsFjEhl7uAsYE5WfGMyU
-----END CERTIFICATE-----
Generated at Mon Dec 9 19:56:33 2024 by rpki-client on console-fra.rpki-client.org